Definition

memory dump

TechTarget Contributor

A memory dump is the process of taking all information content in RAM and writing it to a storage drive.

Developers commonly use memory dumps to gather diagnostic information at the time of a crash to help them troubleshoot issues and learn more about the event. Information yielded by the memory dump can help developers fix errors in operating systems and other programs of all kinds.

Some computer errors are unrecoverable because they require a reboot to regain functionality, but the information stored in RAM at the time of a crash contains the code that produced the error. Memory dumps save data that might other wise be lost to RAM's volatile nature or overwriting.

Memory dumps are seen in blue screen of death error in Microsoft operating systems. The errors display some basic suggestions, information and a faulting module while the percentage of the memory written to storage counts up. Following reboot, the memory dump can be sent to Microsoft for analysis to help the company fix the issue in updates and learn about usage.

As these dumps can include anything in the computer’s active RAM, some users have privacy concerns. Furthermore, since the dumps are stored on the drive, they can also present security risks. If savvy hackers get their hands on a memory dump, they can potentially find cleartext passwords or decryption keys that normally would not be easily accessible. Some Microsoft and other operating systems allow for memory dumps that contain less information, and some make it possible to turn off memory dumps.

This was last updated in December 2016

Continue Reading About memory dump

Preventing memory dump attacks

Extracting data from memory dumps with Event Tracing for Windows

Memory dumps in Linux

Android hacking: Dumping and analyzing application's memory

Testing systems with a manual blue screen and memory dump

Continue Reading About memory dump

Related Terms